Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
370
Views
0
Helpful
1
Replies

Applying ACLs (PIX 506E)

jaisol
Level 1
Level 1

‎05-27-2005 07:46 AM - edited ‎02-21-2020 12:10 AM

I have a group defined for internal Hosts:

object-group network Dep_RH_Hosts

network-object host 10.195.190.2

network-object host 10.195.190.5

network-object host 10.195.190.8

... (plus 32 hosts)

I have too a group for external IP addresses:

object-group network Empleos_Hosts

network-object 66.246.213.0 255.255.255.0

network-object 72.36.137.0 255.255.255.0

network-object 216.72.4.0 255.255.255.0

network-object 200.41.9.0 255.255.255.0

How can permit just to internal hosts group to access external IP addresses?

I could use:

access-list 100 permit ip any object-group Empleos_Hosts

to give access to everyone but I need to give access just for internal group mentioned above.

THANKS!

8006283427

0 Helpful
1 Reply 1

mostiguy
Level 6
Level 6

‎05-27-2005 08:48 AM

access-list permit ip object-group dep_rh_hosts....

will determine what the source hosts are, so if you want those hosts to have unlimited outbound access :

access-list permit ip object-group dep_rh_hosts any

will work. If you want the internal host group to only have access to the external host group:

access-list permit ip object-group dep_rh_hosts object-group empleos_hosts

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card